There are different kinds of electronic commerce systems and associated payment systems. Some existing systems provide only handling of payments, i.e., so-called payment systems; some systems provide full transaction services; and other systems provide some transaction services together with payment services.
Transactions and payments in such electronic commerce systems are performed over a communication network such as the public switched telephone network, cellular phone systems, the Internet, or an intranet. Small payment transactions are denoted micro-payments. The goods, such as documents, pictures, software, stock market information, etc., are purchased by a customer via a web browser from a merchant over the Internet.
Crucial for all existing micro-payment schemes is a very low transaction cost, i.e., the transaction cost must be at least an order of magnitude smaller than the price of the goods. The low prices of the goods imply a lower expectation of the security level compared to “full” price systems.
Further requirements on payment systems include low price, fast and reliable transfer, and customer integrity.
For every transaction, money has to be transferred from a customer account to a merchant account. In some cases a micro-payment may be considered as one transaction per merchant site, and in other cases as a plurality of transactions. The current business model for micro-payments is still not well understood, and different solutions aim for different models.
There are two basic concepts and a number of different solutions for each concept on the market. On the one hand, DigiCash, CyberCoin and Millicent are well-known digital cash solutions representing the first concept. On the other hand, IBM's MiniPay is an account based solution, wherein real money is transferred between different accounts, representing the second concept. The MiniPay is a lightweight system and probably quite cheap regarding operating costs, and it is user-friendly.
A prior art account based system is described in general terms with reference to FIG. 1. According to a generic payment system as shown in FIG. 1, a merchant 100 displays the goods for sale, e.g., on a web page, at step 0. A customer 101 orders goods at step 1. At step 2, the customer 101 sends a payment order to its account manager 102. The payment is transferred to a value acquirer 103 at step 3. The merchant 100 is notified of the payment completion by the value acquirer 102 at step 4, and the goods are finally delivered.
A micro-payment system such as the IBM MiniPay system includes a plurality of features that are necessary in order to operate properly. When a purchasable item is presented on a customer's browser, MiniPay provides the desired click-and-pay features for the order and payment of the goods. Further, it must be easy to establish the link between the goods and the payment system, and easy to use the system from the customer's as well as the merchant's point of view. The usefulness of the payment system increases if it is adaptable to several accounting systems, such as Telco billing systems and banking accounts. It must be possible to do business in a multi-operator environment. The system must be scalable, i.e., adaptable for a few users as well as for millions of users, with costs growing not more than linearly. For the purpose of distribution, the system has to run on standard hardware, such as PCs and workstations. The value of the goods for sale in a micro-payment environment is quite low and, consequently, the security measures should be in harmony with these values. Micro-payment systems have to keep the information volume and processing overheads for the transactions limited. Among the required processing tasks are customer authentication, authorization, and currency exchange rate calculations. Most of the above-mentioned features are provided by the MiniPay system.
However, the MiniPay system and other payment systems have problems with interoperator transactions and with complex clearing procedures for transactions within an operator and between operators.
Another problem is that prior art payment systems only support a single or a pair of currencies, and it is not possible to add new currencies. A consumer expects to buy from merchants scattered around the globe. Thus, there is minimal chance that a consumer buys a product from a merchant using the same currency as in its own country. As much as a consumer expects to pay in its own currency, a merchant expects to be paid in its own.
A main problem in digital cash systems and in some account based systems is double spending, which occurs when customers are involved in several transactions simultaneously. Customer integrity is a further problem in electronic commerce systems, i.e., merchants can utilise customer consumption patterns in undesired ways. Authentication, authorisation of the customer, and the handling of encryption keys are important features in a payment system.
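The double-spending condition described above can be shown with a small account manager model. This is an added example, not part of the original text or of any system it names; the class and function names, the amounts, and the assumption that the flaw is a balance check separated from the debit are all constructed for illustration.

```python
import threading

class NaiveAccountManager:
    """Check and debit are separate steps; the gap between them is the flaw."""
    def __init__(self, balance):
        self.balance = balance
    def authorize(self, amount):
        return self.balance >= amount      # reads the balance, reserves nothing
    def settle(self, amount):
        self.balance -= amount

class ReservingAccountManager:
    """Check and debit are one atomic step, recorded per order id."""
    def __init__(self, balance):
        self.balance = balance
        self._lock = threading.Lock()
        self._seen = {}                    # order_id -> earlier decision
    def pay(self, order_id, amount):
        with self._lock:
            if order_id in self._seen:     # resubmitted order: no second debit
                return self._seen[order_id]
            ok = self.balance >= amount
            if ok:
                self.balance -= amount
            self._seen[order_id] = ok
            return ok

def naive_interleaving(balance, amounts):
    """Constructed schedule: every order is authorized before any is settled."""
    mgr = NaiveAccountManager(balance)
    approved = [a for a in amounts if mgr.authorize(a)]
    for a in approved:
        mgr.settle(a)
    return len(approved), mgr.balance

def concurrent_reserving(balance, orders):
    """Threads submit (order_id, amount) pairs simultaneously to the atomic manager."""
    mgr = ReservingAccountManager(balance)
    results = {}
    def worker(oid, amt):
        results[oid] = mgr.pay(oid, amt)
    threads = [threading.Thread(target=worker, args=o) for o in orders]
    for t in threads:
        t.start()
    for t in threads:
        t.join()
    return sum(results.values()), mgr.balance

if __name__ == "__main__":
    # Constructed input: balance 10, two simultaneous orders of 8 each.
    print(naive_interleaving(10, [8, 8]))
    print(concurrent_reserving(10, [("m1-order", 8), ("m2-order", 8)]))
```

With the naive manager both orders are approved and the account ends overdrawn; with the reserving manager exactly one order is approved regardless of which thread runs first.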
PKI (Public Key Infrastructure) is a system using certificates or electronic ID cards for obtaining secure transactions and customer integrity. Certificates exist in various formats and flavours, such as the X.509 standard.
One of the most difficult items in electronic commerce today is how to secure the transportation of digital goods between trading parties. There are several aspects where it might be an advantage to have a mechanism that can protect the involved parties from both a legal and a reliability perspective. Usually, today's trading/payment schemes either do not cover this at all or cover it badly.
Three major problems can be identified as blockers for trading with digital goods over the Internet:
1. Acceptance of Delivery
The consumer does not have sufficient tools to handle acceptance of delivery in case of digital goods. Most often, merchandise has to be accepted as it arrives through the Internet to the consumer's computer. There are no legal possibilities to complain if it was erroneous or completely wrong.
2. Fraudulent Consumers/Non-Repudiation
The merchants on the Internet do not have sufficient or easy-to-use tools to prohibit fraudulent consumers from ordering goods that they do not want to pay for. The merchant cannot know if the goods reached the consumer or not.
3. Unauthorized Access of Goods
In some trading situations, either the consumer or the merchant (sometimes both) does not want to reveal the goods to any outsiders. Within the Internet environment, it will always be possible to capture plain text information sent between two parties.